* [PATCH iwl-net v2] i40e:Fix filter input checks to prevent config with invalid values
@ 2023-11-29 10:23 Aleksandr Loktionov
2023-12-06 21:25 ` Simon Horman
0 siblings, 1 reply; 2+ messages in thread
From: Aleksandr Loktionov @ 2023-11-29 10:23 UTC (permalink / raw)
To: intel-wired-lan, anthony.l.nguyen, aleksandr.loktionov
Cc: netdev, Sudheer Mogilappagari, Andrii Staikov
From: Sudheer Mogilappagari <sudheer.mogilappagari@intel.com>
Prevent VF from configuring filters with unsupported actions or use
REDIRECT action with invalid tc number. Current checks could cause
out of bounds access on PF side.
Fixes: e284fc280473 ("i40e: Add and delete cloud filter")
Reviewed-by: Andrii Staikov <andrii.staikov@intel.com>
Signed-off-by: Sudheer Mogilappagari <sudheer.mogilappagari@intel.com>
Signed-off-by: Aleksandr Loktionov <aleksandr.loktionov@intel.com>
---
v1->v2 add 'Fixes:' tag into commit message
---
drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
index 3f99eb1..031b15c 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
@@ -3521,16 +3521,16 @@ static int i40e_validate_cloud_filter(struct i40e_vf *vf,
bool found = false;
int bkt;
- if (!tc_filter->action) {
+ if (tc_filter->action != VIRTCHNL_ACTION_TC_REDIRECT) {
dev_info(&pf->pdev->dev,
- "VF %d: Currently ADq doesn't support Drop Action\n",
- vf->vf_id);
+ "VF %d: ADQ doesn't support this action (%d)\n",
+ vf->vf_id, tc_filter->action);
goto err;
}
/* action_meta is TC number here to which the filter is applied */
if (!tc_filter->action_meta ||
- tc_filter->action_meta > I40E_MAX_VF_VSI) {
+ tc_filter->action_meta > vf->num_tc) {
dev_info(&pf->pdev->dev, "VF %d: Invalid TC number %u\n",
vf->vf_id, tc_filter->action_meta);
goto err;
--
2.25.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH iwl-net v2] i40e:Fix filter input checks to prevent config with invalid values
2023-11-29 10:23 [PATCH iwl-net v2] i40e:Fix filter input checks to prevent config with invalid values Aleksandr Loktionov
@ 2023-12-06 21:25 ` Simon Horman
0 siblings, 0 replies; 2+ messages in thread
From: Simon Horman @ 2023-12-06 21:25 UTC (permalink / raw)
To: Aleksandr Loktionov
Cc: intel-wired-lan, anthony.l.nguyen, netdev, Sudheer Mogilappagari,
Andrii Staikov
On Wed, Nov 29, 2023 at 11:23:11AM +0100, Aleksandr Loktionov wrote:
> From: Sudheer Mogilappagari <sudheer.mogilappagari@intel.com>
>
> Prevent VF from configuring filters with unsupported actions or use
> REDIRECT action with invalid tc number. Current checks could cause
> out of bounds access on PF side.
>
> Fixes: e284fc280473 ("i40e: Add and delete cloud filter")
> Reviewed-by: Andrii Staikov <andrii.staikov@intel.com>
> Signed-off-by: Sudheer Mogilappagari <sudheer.mogilappagari@intel.com>
> Signed-off-by: Aleksandr Loktionov <aleksandr.loktionov@intel.com>
> ---
> v1->v2 add 'Fixes:' tag into commit message
Hi Aleksandr and Sudheer,
Some minor nits from my side:
* Probably there should be a space after 'i40e:' in the subject.
* v2 was posted not long after v1.
Please consider allowing 24h between posts.
Link: https://docs.kernel.org/process/maintainer-netdev.html
The above notwithstanding, this looks good to me.
Reviewed-by: Simon Horman <horms@kernel.org>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-12-06 21:25 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-11-29 10:23 [PATCH iwl-net v2] i40e:Fix filter input checks to prevent config with invalid values Aleksandr Loktionov
2023-12-06 21:25 ` Simon Horman
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).